External Authentication via Apache Webserver

I want to use the Webserver Basic Authentication as authentication method for the login to icingaweb.

For this purpose, I wrote into /etc/icingaweb2/authentication.ini the following 2 lines:

[root@tlin40 ~]# cat /etc/icingaweb2/authentication.ini
[autologin]
backend = “external”

and into /etc/httpd/conf.d/icingaweb2.conf I added in the <Directory “/usr/share/icingaweb2/public”> directive:

AuthType Basic
AuthName “Icinga Web 2”
AuthUserFile /etc/icingaweb2/.http-users
Require valid-user

For a first testing attempt, I added only a single userid into the users file:

[root@tlin40 ~]# cat /etc/icingaweb2/.http-users
icingaadmin:$apr1$G6kXutA8$D3V1o.o/mqHEyuqgzQVLh1

I followed the instructions in https://icinga.com/docs/icingaweb2/latest/doc/05-Authentication/ .

If I want to login into the Web Application http://tlin40.mainz.de.ibm.com/icingaweb2/authentication/login , the following error messages is displayed and I am unable to login:
“You’re currently not authenticated using any of the web server’s authentication mechanisms. Make sure you’ll configure such, otherwise you’ll not be able to login.”

I am using the OS “Red Hat Enterprise Linux Server release 7.7 (Maipo)” and icinga2-2.11.3-1.el7.icinga.x86_64 with icingaweb2-2.7.3-1.el7.icinga.noarch .

Can you check whether Icinag Web 2 logs anything to syslog (or where it is configured to log to in /etc/icingaweb2/config.ini)?

Can you also double-check which quotes are used around external in /etc/icingaweb2/authentication.ini? I think it’s possible that the forum software just replaced them, however when copy-pasting your configuration with the Unicode instead of ASCII quotes, I got exactly the behavior you described and the error message Authentication configuration for user backend "autologin" defines an invalid backend type. Backend type "“external”" is not supported in the logs.

Hi,
I have same issue (few attempt of installation) , and icingaweb2 documentation didnt mention that you need to comment or correct follow part of Apache 2.4>= configuration (icingaweb2.conf):

    #    <IfModule mod_authz_core.c>
    #        # Apache 2.4
    #        <RequireAll>
    #            Require all granted
    #        </RequireAll>
    #    </IfModule>

without that no http authentication will be performed.